On Fri, 13 Apr 2018, Tero Kivinen wrote:
Paul Wouters writes:
Using IKE also has a disandvantage for for those implementations that
only support a window size of one. If those IKE messages are lost -
which is highly likely because we are trying out larger window sizes
until we find something that works - things get tricky (even trickier
then the current liveness + mobike situation)
That is good reason for requiring bigger window size if we do this in
IKE for implementations supporting this. Actually if you do mobike,
you most likely also want to use bigger window sizes...
Perhaps such a requirement could help. I still feel the whole msgid
handling in IKEv2 requires some clarification document, or perhaps even
a change in the specification.
IPsec mailing list